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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply - 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM ^ 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

• If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)S Responsive to communication(s) filed on 13 November 2001 . 
2a)\Z\ This action is FINAL. 2b)S This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-37 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) IEI Claim(s) ii37 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 13 The specification is objected to by the Examiner. /Cfl/C^ /\B5TAACT gXCeeOS '50 WoROS- 
10)13 The drawing(s) filed on 13 November 2001 is/are: a)|3 accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121(d). 
1 !)□ The oath or declaration is objected to by the Examiner Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. . 

2. n Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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Detailed ACTION 

1 . Claims 1 -37 are presented for examination. 



Information Disclosure Statement PTO-1449 

2. The Information Disclosure Statement submitted by applicant on 
8/29/2003 and 03/14/2005 has been considered. Please see attached PTO- 
1449. 

Claim Objections 

3. Applicant is reminded of the proper language and format for an abstract of 
the disclosure. 



The abstract should be in narrative form and generally limited to a single 
paragraph on a separate sheet within the range of 50 to 150 words. It is 
important that the abstract not exceed 150 words in length since the space 
provided for the abstract on the computer tape used by the printer is limited. The 
form and legal phraseology often used in patent claims, such as "means" and 
"said." should be avoided. The abstract should describe the disclosure 
sufflciently to assist readers in deciding whether there is a need for consulting the 
full patent text for details. 

The language should be clear and concise and should not repeat 
information given in the title. It should avoid using phrases which can be implied, 
such as, "The disclosure concerns," "The disclosure defined by this invention," 
"The disclosure describes," etc. 



Double Patenting 

4. The nonstatutory double patenting rejection is based on a judicially 
created doctrine grounded in public policy (a policy reflected in the statute) so as 
to prevent the unjustified or improper timewise extension of the "right to exclude" 
granted by a patent and to prevent possible harassment by multiple assignees. 
See In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re 
Long!, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Omum, 686 
F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 
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USPQ 619 (CCPA 1970);and. In re Thorington, 418 F.2d 528, 163 USPQ 644 
(CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321(c) may 
be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent is shown to 
be commonly owned with this application. See 37 CFR 1.130(b). 

Effective January 1 , 1994, a registered attorney or agent of record may 
sign a terminal disclaimer. A tenninal disclaimer signed by the assignee must 
fully comply with 37 CFR 3.73(b). 



5. Claims1-37 are rejected under the judicially created doctrine of 
obviousness-type double patenting as being unpatentable over claim1-37 of U.S. 
Patent No. 6,823,433. Although the conflicting claims are not identical, they are 
not patentably distinct from each other because claims 1-37 of the patent 
teaches all limitation of claims, 1-37 of the instant application except the 
differences that are bolded in the table. 

For example physical address and information in claim 1 of Patent NO 
6,823,433 has been replaced with linear address and numerical value in claim 
1 of the application. Therefore it would have been obvious to one of ordinary skill 
in the art at the time the invention was mad to replace the physical address and 
information with linear address and numerical value since a linear address has a 
corresponding physical address residing within a selected memory page and 
numerical value is a type of information. 
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Application NO: 10010161 


Patent NO: 6,823,433 


Claim 1 

A memory management unit for managing a 
memory storing data arranged within a plurality 
of memory pages, the memory management unit 
comprising: a security check unit coupled to 
receive a linear address generated during 
execution of a current instruction, wherein the 
linear address has a corresponding physical 
address residing within a selected memory 
page, and wherein the security check unit is 
configured to use the linear address to access 
at least one security attribute data structure 
located in the memory to obtain a security 
attribute of the selected memory page, to 
compare a numerical value conveyed by a 
security attribute of the current instruction to a 
numerical value conveyed by the security 
attribute of the selected memory page, and to 
produce an output signal dependent upon a 
result of the comparison; and wherein the 
memory management unit is configured to 
access the selected memory page dependent 
upon the output signal. 


Claim 1 

A memory management unit for managing a 
memory storing data arranged within a plurality 
of memory pages, the memory management 
unit comprising: a security check unit coupled 
to receive physical address generated during 
execution of a current instruction, wherein the 
physical address resides within a selected 
memory page, and wherein the security check 
unit is configured to use the physical address 
to access at least one security attribute data 
structure located in the memory to obtain a 
security attribute of the selected memory page, 
to compare information conveyed by a 
security attribute of the current instruction to 
information conveyed by the security attribute 
of the selected memory page, and to produce 
an output signal dependent upon a result of 
the comparison; and wherein the memory 
management unit is configured to access the 
selected memory page dependent upon the 
output signal. 


Claim 11 

A central processing unit, comprising: an 
execution unit operably coupled to a memory, 
wherein the execution unit is configured to fetch 
instructions from the memory and to execute the 
instructions; and a memory management unit 
(MMU) operably coupled to the memory and 
configured to manage the memory, wherein the 
MMU is configurable to manage the memory 
such that the memory stores data arranged 
within a plurality of memory pages, and wherein 
the MMU comprises: a security check unit 
coupled to receive a linear address generated 
by the execution unit during execution of a 
current instruction, wherein the linear address 
has a corresponding physical address that 
resides within a selected memory page, and 
wherein the security check unit is configured to 
use the linear address to access at least one 
security attribute data structure located in the 


Claim 1 1 

A central processing unit, comprising: an 
execution unit operably coupled to a memory, 
wherein the execution unit is configured to fetch 
instructions from the memory and to execute 
the instructions; and a memory management 
unit (MMU) operably coupled to the memory 
and configured to manage the memory, 
wherein the MMU is configurable to manage 
the memory such that the memory stores data 
a arranged within a plurality of memory pages, 
and wherein the MMU comprises: a security 
check unit coupled to receive a physical 
address generated by the execution unit during 
execution of a current instruction, wherein the 
physical address resides within a selected 
memory page, and wherein the security check 
unit is configured to use the physical address to 
access at least one security attribute data 
structure located in the memory to obtain a 
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memory to obtain a security attribute of the 
selected memory page, to compare a numerical 
value conveyed by a security attribute of the 
current instruction to a numerical value 
conveyed by the security attribute of selected 
memorv oaoe and to oroduce an outnut sional 
dependent upon a result of the comparison; and 
wherein the MMU is configured to access the 
selected memory page dependent upon the 
output signal 


security attribute of the selected memory page, 
to compare information conveyed by a 
security attribute of the current instruction to 
information conveyed by the security attribute 
of selected memory page, and to produce an 

outDut ^Inrir^l fipnpnripnt iinnn a rpQiilt nf thp 
comparison; and wherein the MMU is 
configured to access the selected memory 
page dependent upon the output signal. 


Claim 12 

A computer system, comprising: a memory 
for storing data, wherein the data includes 
instructions; a central processing unit (CPU), 
comprising: an execution unit operably coupled 
to the memory, wherein the execution unit is 
configured to fetch instructions from the memory 
and to execute the instructions; and a memory 
management unit (MMU) operably coupled to 
the memory and configured to manage the 
memory, wherein the MMU is configurable to 
manage the memory such that the memory 
stores the data arranged within a plurality of 
memory pages, and wherein the MMU 
comprises: a security check unit coupled to 
receive a linear address generated by the 
execution unit during execution of a current 
instruction, wherein the linear address has a 
corresponding physical address residing 
within a selected memory page, and wherein the 
security check unit is configured to use the 
linear address to access at least one security 
attribute data structure located in the memory to 
obtain a security attribute of the selected 
memory page, to compare a numerical value 
conveyed by a security attribute of the current 
instruction to a numerical value conveyed by 
the security attribute of selected memory page, 
and to produce an output signal dependent upon 
a result of the comparison; and wherein the 
MMU is configured to access the selected 
memory page dependent upon the output signal. 


Claim 12 

A computer system, comprising: a memory 
for storing data wherein the data includes 
instructions; a central processing unit (CPU), 
comprising; an execution unit operably 
coupled to the memory, wherein the execution 
unit is configured to fetch instructions from the 
memory and to execute the instructions; and a 
memory management unit (MMU) operably 
coupled to the memory and configured to 
manage the memory, wherein the MMU is 
configurable to manage the memory such that 
the memory stores the data arranged within a 
plurality of memory pages, and wherein the 
MMU comprises: a security check unit coupled 
to receive a physical address generated by 
the execution unit during execution of a current 
instruction, wherein the physical address 
resides within a selected memory page, and 
wherein the security check unit is configured to 
use the physical address to access at least 
one security attribute data structure located in 
the memory to obtain a security attribute of the 
selected memory page, to compare 
Information conveyed by a security attribute 
of the current instruction to information 
conveyed by the security attribute of selected 
memory page, and to produce an output signal 
dependent upon a result of the comparison; 
and wherein the MMU is configured to access 
the selected memory page dependent 
upon the output signal. 
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Claim 13 

A memory management unit for managing a 
memory storing data arranged within a plurality 
of memory pages, the memory management unit 
comprising: a paging unit coupled to the memory 
and to receive a linear address produced during 
execution of a current instruction, and 
configured to use the linear address to produce 
a physical address within a selected memory 
page, wherein the paging unit is configured to 
use the linear address to access at least one 
paged memory data structure located in the 
memory to obtain security attributes of the 
selected memory page, and wherein the paging 
unit is configured to produce a fault signal 
dependent upon the security attributes of the 
selected memory page; and a security check 
unit coupled to receive the linear address 
produced during execution of the current 
instruction, and wherein the security check unit 
is configured to use the linear address to 
access at least one security attribute data 
structure located in the memory to obtain an 
additional security attribute of the selected 
memory page, to compare a numerical value 
conveyed by a security attribute of the current 
instruction to a numerical value conveyed by 
the additional security attribute of selected 
memory page, and to produce an output signal 
dependent upon a result of the comparison; and 
wherein the memory management unit is 
configured to access the selected memory page 
dependent upon the output signal. 



Claim 13 

A memory management unit for managing a 
memory storing data arranged within a plurality 
of memory pages, the memory management 
unit comprising: a paging unit coupled to the 
memory and to receive a linear address 
produced during execution of a current 
instruction, and configured to use the linear 
address to produce a physical address within a 
selected memory page, wherein the paging 
unit is configured to use the linear address to 
access at least one paged memory data 
structure located in the memory to obtain 
security attributes of the selected memory 
page, and wherein the paging unit is 
configured to produce a fault signal dependent 
upon the security attributes of the selected 
memory page, and wherein the paging unit 
comprises: security check unit coupled 
to receive the physical address, and wherein 
the security check unit is configured to use the 
physical address to access at least one 
security attribute data structure located in the 
memory to obtain an additional security 
attribute of the selected memory page, to 
compare information conveyed by a security 
attribute of the current instruction to 
information conveyed by the additional 
security attribute of selected memory page, 
and to produce an output signal dependent 
upon a result of the comparison; and wherein 
the memory management unit is configured to 
access the selected memory page dependent 
upon the output signal. 
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Claim 23 

A memory management unit for managing a 
memory storing data arranged within a plurality 
of memory pages, the memory management unit 
comprising: a paging unit coupled to the memory 
and to receive a linear address produced during 
execution of a current instruction residing within 
a first memory page, wherein the paging unit is 
configured to use the linear address to produce 
a physical address accessed by the current 
instruction, and wherein the physical address 
includes a base address of a selected memory 
page and an offset, and wherein the paging unit 
is configured to access at least one paged 
memory data structure located in the memory 
using the linear address to obtain the base 
address and security attributes of the selected 
memory page, and wherein the paging unit is 
configured to receive a security attribute of the 
instruction, and wherein the paging unit is 
configured to produce a fault signal dependent 
upon the security attribute of the instruction and 
the security attributes of the selected memory 
page; and a security check unit coupled to 
receive the security attribute of the instruction, 
the security attributes of the selected memory 
page, and the linear address produced during 
execution of the current instruction, and wherein 
the security check unit is configured to use the 
linear address to access at least one security 
attribute data structure located in the memory to 
obtain an additional security attribute of the 
selected memory page, to compare a nunnerical 
value conveyed by a security attribute of the 
current instruction to a numerical value 
conveyed by the additional security attribute of 
selected memory page, and to produce an 
output signal dependent upon a result of the 
comparison; and wherein the memory 
management unit is configured to access the 
selected memory page dependent upon the 
output signal. 



Claim 23 

A memory management unit for managing a 
memory storing data arranged within a plurality 
of memory pages, the memory management 
unit comprising: a paging unit coupled to the 
memory and to receive a linear address 
produced during execution of a current 
instruction residing within a first memory page, 
wherein the paging unit is configured to use 
the linear address to produce a physical 
address accessed by the current instruction, 
and wherein the physical address includes a 
base address of a selected memory page and 
an offset, and wherein the paging unit is 
configured to access at least one paged 
memory data structure located in the memory 
using the linear address to obtain the base 
address and security attributes of the selected 
memory page, and wherein the paging unit is 
configured to receive a security attribute of the 
instruction, and wherein the paging unit is 
configured to produce a fault signal dependent 
upon the security attribute of the instruction 
and the security attributes of the selected 
memory page, and wherein the paging unit 
comprises: a security check unit coupled to 
receive the security attribute of the instruction, 
the security attributes of the selected memory 
page, and the physical address within the 
selected memory page, and wherein the 
security check unit is configured to use the 
physical address to access at least one 
security attribute data structure located in the 
memory to obtain an additional security 
attribute of the selected memory page, to 
compare information conveyed by a security 
attribute of the current instruction to 
information conveyed by the additional 
security attribute of selected memory page, 
and to produce an output sign dependent upon 
a result of the comparison; and wherein the 
memory management unit is configured to 
access the selected memory page dependent 
upon the output signal. 
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Claim 32 

A method for providing access security for a 
memory used to store data arranged within a 
plurality of memory pages, the method 
comprising: receiving a linear address produced 
during execution of an instruction and a security 
attribute of the instruction, wherein the 
instruction resides in a first memory page; using 
the linear address to access at least one paged 
memory data structure located in the memory to 
obtain a base address of a selected memory 
page and security attributes of the selected 
memory page; combining the base address of 
the selected memory page with an offset to 
produce a physical address within the selected 
memory page if the security attribute of the 
instruction and the security attributes of the 
selected memory page indicate the access is 
authorized; generating a fault signal if the 
security attribute of the instruction and the 
security attributes of the selected memory page 
indicate the access is not authorized; accessing 
at least one security attribute data structure 
located in the memory using the linear address 
produced during execution of the instruction 
to obtain an additional security attribute of the 
first memory page and an additional security 
attribute of the selected memory page; 
comparing a numerical value conveyed by an 
additional security attribute of the first memory 
page to a numerical value conveyed by the 
additional security attribute of selected memory 
page; and accessing the selected memory page 
dependent upon a result of the comparing of the 
numerical values conveyed by the security 
attribute of the first memory page and the 
additional security attribute of selected memory 
page. 



Claim 32 

A method for providing access security for 
a, memory used to store data arranged within 
a plurality of memory pages, the method 
comprising: receiving a linear address 
produced during execution of an instruction 
and a security attribute of the instruction, 
wherein the instruction resides in a first 
memory page; using the linear address to 
access at least one paged memory data 
structure located in the memory to obtain a 
base address of a selected memory page and 
security attributes of the selected memory 
page; combining the base address of the 
selected memory page with an offset to 
produce a physical address within the selected 
memory page if the security attribute of the 
instruction and the security attributes of the 
selected memory page indicate the access is 
authorized; generating a fault signal if the 
security attribute of the instruction and the 
security attributes of the selected memory 
page indicate the access is not authorized; 
accessing at least one security attribute data 
structure located in the memory using the 
physical address of the selected memory 
page to obtain an additional security attribute 
of the first memory page and an additional 
security attribute of the selected memory page; 
comparing information conveyed by an 
additional security attribute of the first memory 
page to information conveyed by the 
additional security attribute of selected 
memory page; and accessing the selected 
memory page dependent upon a result of the 
comparing of the information conveyed by the 
security attribute of the first memory page and 
the additional security attribute of selected 
memory page. 
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Claim 37 

37. The method as recited in claim 31. wherein 
the accessing comprises: accessing at least one 
security attribute data structure located in the 
memory using the linear address produced 
during execution of the instruction to obtain 
an additional security attribute of the first 
memory page and an additional security 
attribute of the selected memory page, wherein 
the at least one security attribute data structure 
comprises a security attribute table directory and 
at least one security attribute table, and wherein 
the additional security attribute of the first 
memory page comprises a security context 
identification (SCID) value of the first memory 
page, and wherein the SCID value of the first 
memory page is an integer value greater than or 
equal to 0 and indicates a security context level 
of the first memory page, and wherein the 
additional security attribute of the selected 
memory page comprises a security context 
identification (SCID) value of the selected 
memory page, and wherein the SCID value of 
the selected memory page is an integer value 
greater than or equal to 0 and indicates a 
security context level of the selected memory 
page. 



Claim 37 

The method as recited in claim 32, wherein 
the accessing comprises: accessing at least 
one security attribute data structure located in 
the memory using the physical address of 
the selected memory page to obtain an 
additional security attribute of the first memory 
page and an additional security attribute of the 
selected memory page, wherein the at least 
one security attribute data structure comprises 
a security attribute table directory and at least 
one security attribute table, and wherein the 
additional security attribute of the first memory 
page comprises a security context 
identification (SCID) value of the first memory 
page, and wherein the SCID value of the first 
memory page is an integer value greater than 
or equal to 0 and indicates a security context 
level of the first memory page, and wherein the 
additional security attribute of the selected 
memory page comprises a security context 
identification (SCID) value of the selected 
memory page, and wherein the SCID value of 
the selected memory page is an integer value 
greater than or equal to 0 and indicates a 
security context level of the selected memory 
page- 



Claim Rejections - 35 (JSC § 102 



6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 
102 that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
states. 
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7. Claims 1,11-13, 23, 32 and 36-37 are rejected under 35 U.S.C. 102(b) as 
being anticipated by Teruyuki l\^aruyama et al. (US Patent NO.6,052,763). 

Regarding Claims 1, 11-13, 23, 32 and 36-37 

Maruyama teaches a processing unit 340 (execution unit) coupled 
to the memory unit 10 through the use of bus 15 and a memory controller 
20 (memory management unit) coupled to the DRAM memory 19 (column 

4, lines 62-67, column 6, lines 1-19 and fig 4). Maruyama furthermore 
teaches a memory management unit for managing a memory storing data 
arranged within a plurality of memory pages, the memory management 
unit comprising: a security check unit (register 21) coupled to receive a 
linear address generated during execution of a current instruction (column 

5, line 20-21), wherein the linear address has a corresponding physical 
address residing within a selected memory page [(column 5, line 23-24) 
(access address is accessing a range within DRAM 19. DRAM 19 has to 
be addressed by physical address)], and wherein the security check unit is 
configured to use the linear address to access at least one security 
attribute (processor master ID) data structure located in the memory to 
obtain a security attribute of the selected memory page, to compare a 
numerical value conveyed by a security attribute of the current instruction 
to a numerical value conveyed by the security attribute of the selected 
memory page, and to produce an output signal dependent upon a result of 
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the comparison, if the processor master ID does not match, the 
comparator outputs a signal indicating an error (fault signal); if there is a 
match a different signal is outputted [(access addresses are stored in the 
decoder and master ID is sent to register 22. A comparator 23 is used to 
compare the master ID from the system bus with the bus master ID and 
outputs a signal)(column 6, lines 11-40 and column 5 lines 20-40)]; and 
wherein the memory management unit is configured to access the 
selected memory page dependent upon the output signal (column 6 lines 
29-40). (Having a paging unit is inherent in the art in order to translate 
linear addresses to physical addresses). 

Regarding Claims 2, 14, 21, 24 and 29 

Maruyama teaches all limitation of the claim as applied to claim 1, 

13 and 23 above and furthermore he teaches a master ID data structure 
24 comprising a master ID table (table directory) and a lookup table 
(security attribute table) (column 6, lines 48-54). 

Regarding Claims 3, 15 and 30 

Maruyama teaches all limitation of the claim as applied to claim 2, 

14 and 29 above and furthermore he teaches a memory controller 20 
(memory management unit), wherein the master ID table (security 
attribute table directory) comprises a plurality of entries, and where each 
entry of the security attribute table directory includes a present bit and a 
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security attribute table base address field, and wherein the present bit 
indicates whether or not a security attribute table corresponding to the 
security attribute table directory entry is present in the memory, and 
wherein the security attribute table base address field is reserved for a 
base address of the security attribute table corresponding to the security 
attribute table directory entry (column 6, lines 30-55 and fig 4). 



Regarding Claims 4-6, 16-18, 27, 28 and 31 

Maruyama teaches all limitation of the claim as applied to claims 
2, 1 , 14, 13, 23 and 29 above and furthermore he teaches using a master 
ID table (accessing one security attribute data structure) to extract a 
master ID (obtain additional security attribute, SCID) and compare it to 
master ID of the accessing processor. The master IDs are indicators of 
security level of accessing processor since they detemnine if the processor 
is authorized to perform any transactions in the memory system (column 
6, lines 30-55 and fig 4). 

Regarding Claim 7 

Maruyama teaches all limitation of the claim as applied to claims 1 , 
above and furthermore he teaches a memory management unit, wherein 
the comparator (security check logic) is configured to obtain the master ID 
(security attribute) of the current instruction from the at least one master 
ID table (security attribute data structure) (column 6, lines 29-40 and fig 4). 
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Regarding Claim 8 

Maruyama teaches all limitation of the claim as applied to claims 1 , 
above and furthemiore he teaches a memory management unit, wherein 
the output signal is a fault signal [(column 6, lines 35-40) (if the processor 
master ID does not match, the comparator outputs a signal indicating an 
error (fault signal); if there is a match a different signal is outputted)]. 

Regarding Claim 9 

Maruyama teaches all limitation of the claim as applied to claims 1 , 
above and furthermore he teaches a memory management unit, wherein 
the register 21 (security check unit) is configured to receive a set of 
processor master ID (security attributes) of the selected memory page in 
addition to the master ID (security attribute) of selected memory page, and 
to produce the output signal dependent upon: (i) the result of the 
comparison of the numerical value conveyed by the master ID (security 
attribute) of the current instruction to the numerical value conveyed by the 
master ID (security attribute) of selected memory page, and (ii) the set of 
master ID (security attributes) of the selected memory page (column 6, 
lines 11-40). 
Regarding Claims 19, 25 and 33 

Maruyama teaches all limitation of the claim as applied to claims 
13. 23 and 32 above and furthermore he teaches a memory controller 20 
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(memory management unit), wherein the register unit 21 (security checl^ 
unit) is coupled to receive a cun'ent privilege level (CPL) of a current task 
including the current instruction, and configured to produce the output 
signal dependent upon: (i) the result of the comparison of the numerical 
values conveyed by the security attribute of the current instruction and the 
security attribute of selected memory page, and (ii) the CPL of the current 
task including the current instruction (column 6, lines 1 1-40 and fig 4). 

Regarding Claim 34 

Maruyama teaches all limitation of the claim as applied to claim 32 
above and furthennore he teaches using an access address to obtain the 
master ID (security attribute) for an accessing processor wherein a master 
ID data structure 24 comprises a master ID table (table directory) and a 
lookup table (security attribute table) (column G.lines 48-54). 



Claim Rejections - 35 USC § 103 



8. The following is a quotation of 35 U.S.C. 103(a) which fornis the basis for 
all obviousness rejections set forth in this Office action: 

(a) patent may not be obtained though the invention is not identically disclose or described as 
set forth in section 1 02 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 
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9. Claims 10, 20, 22, 26, and 35 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Mamyama (6,052,763) in view of applicant's admitted 
prior art. 

Regarding Claims 10, 22, 26 and 35 

Maruyama teaches the memory management system of claims 1 , 
13, and 23. Maruyama does not teach security attributes comprising a 
user/supervisor (U/S) bit and a read/write (R/W) bit. Applicant's admitted 
prior art discloses the memory protection features of an user/supervisor 
(U/S) bit and a read/write (R/W) bit where U/S=0 indicates that the 
memory page is an operating system page, U/S-1 indicates that the 
memory page is an user memory page, R/W=0 indicates that only read 
accesses are allowed, and R/W=1 indicates that both read and write 
accesses are allowed to the memory page (Page 5, lines 4-18). Therefor It 
would have been obvious to one of ordinary skill in the art at the time the 
invention was made to integrate the protection features disclosed in 
applicant's admitted prior art to the memory management system of 
Maruyama. This would have been obvious because person having 
ordinary skill in the art at the time the invention was made would have 
been motivated to do so since these features would add further security to 
the system by allowing the further access controls such as user or 
supervisor assigned memory areas and memory areas assigned as read- 
only or read-write areas. 
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Regarding Claim 20 

Maruyama teaches the memory management system of claim 13. 
Maruyama does not teach a physical address within a selected memory 
page including a base address and an offset. Applicant's admitted prior art 
teaches a lower portion of an address (offset) being used as an index of 
the memory page and a page frame base address being used to select 
the corresponding memory page. When the offset and the base address 
are combined, they form a physical address (Page 4, lines 21-25). 
Therefore It would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify Maruyama's system to include 
a physical address within a selected memory page including a base 
address and an offset. This would have been obvious because person 
having ordinary skill in the art at the time the invention was made would 
have been motivated to do so in order to give the system the ability to 
produce a physical address from the input of a linear address since such 
ability would allow the system in the case where linear addresses are 
being inputted. 



10. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

1. U.S.Patent No.6,813,699 

This reference relates to the filed of address translation for memory 

management in a computer system. 
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2. U.S.Patent No. 5,933,627 

This reference relates to microprocessor which execute multi- 
threaded programs and in particular to the handling of blocked memory 
accesses in such programs. 

Conclusion 

1 1 . Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to All Abyaneh whose telephone number 
is (571) 272-7961 . The examiner can normally be reached on Monday- 
Friday from (8:00-5:00). If attempts to reach the examiner by telephone 
are unsuccessful, the examiner's supervisor, Albert Decady can be 
reached on (571)272-3819. The fax phone numbers for the organization 
where this application or proceeding is assigned as (703) 872-9306. 
Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status 
information for published applications may be obtained from either Private 
PAIR or Public PAIR. Status information for unpublished applications is 
available through Private PAIR only. For more infomiation about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 

All Abyaneh ^'^ 
Patent Examiner 
Art Unit 21 33 
April 29, 2005 
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